mirokaku / ucxxrt Goto Github PK

#include
我试图修改他，但这超出了我的能力范围。十分遗憾无法使用到regex.h相关的函数，请问有什么可以替代的办法吗。

Is your feature request related to a problem? Please describe.
When working on dll's which inject into an early process loading stage, like SbieDll.dll from https://github.com/sandboxie-plus/Sandboxie it is good practice not to link against anything but the ntdll.dll, and may kernel32.dll, so no standard libs and no C run time should be included as we want to avoid linking against the accompanying dll's.
Currently that project uses only C but it would be great if c++ could be used.

Describe the solution you'd like
ucxxrt adding support for user mode and ARM64EC

Describe alternatives you've considered
Grabbing the a few obj files from MSFT's own libcmt and bunch self implemented functions works for C,
see https://github.com/sandboxie-plus/Sandboxie/tree/master/Sandboxie/common/NtCRT

32位程序Debug/Release编译后(空驱动,里面只使用std::string)
类似代码如下:

#include "main.h"

#include <string>

VOID DriverUnLoad(PDRIVER_OBJECT driver) {
  UNREFERENCED_PARAMETER(driver);
  KdPrint(("DriverUnload\r\n"));
}

NTSTATUS DriverMain(PDRIVER_OBJECT driver,
                     PUNICODE_STRING driver_self_reg_path)
/*  NTSTATUS DriverEntry(PDRIVER_OBJECT driver,
                     PUNICODE_STRING driver_self_reg_path)*/ {
  UNREFERENCED_PARAMETER(driver_self_reg_path);
  DbgPrint("DriverEntry");
  std::string s1 = "HelloWOrld";
  DbgPrint("%s", s1.c_str());
  driver->DriverUnload = DriverUnLoad;

  return STATUS_SUCCESS;
}

无法加载,编译可以通过.但是加载的时候提示找不到程序(127错误).(说明驱动文件不符合)
64的release遇到过,但是后面用家里的电脑(纯净电脑) 重新安装了Nuget包中的咱们这个库. 64的release可以编译通过了并且可以加载.
但是32的驱动可以编译通过,但是不能加载. 不知道那里的问题.
家里电脑使用的 WDK SDK = 2019 18362
生成的Debug 常见配置如下:
运行库 = MTD
安全检查 = 禁用GS
spectre缓解 = 已禁用
SDL = 否
警告为错误 = 否(Wx)
警告等级 = 4

Target Os version = windows 7
Target Platform = Desktop
Driver Mode =KMDF
Driver sign = Off

Is your feature request related to a problem? Please describe.

新版本MSVC中一些头文件(如xthreads.h)存在较大改动，目前项目在VS2022预览版中无法完成编译。

Describe the solution you'd like
Describe alternatives you've considered

似乎可以内嵌旧版本头文件？

Additional context

cond.cpp这种可以简单的批量替换：

1>C:\Projects\WIP\ucxxrt\src\crt\stl\cond.cpp(36,44): error C2556: “int _Cnd_init(_Cnd_t *const )”: 重载函数与“_Thrd_result _Cnd_init(_Cnd_t *)”只是在返回类型上不同

新版本的函数签名:
_CRTIMP2_PURE _Thrd_result __cdecl _Cnd_init(_Cnd_t*);
enum class _Thrd_result : int { _Success, _Nomem, _Timedout, _Busy, _Error };

旧版本的函数签名：
int __cdecl _Cnd_init(_Cnd_t* const pcond);

替换 return _Thrd_XXX -> return _Thrd_result::_XXX

但mutex.cpp中的
static_assert(sizeof(_Mtx_internal_imp_t) <= _Mtx_internal_imp_size, "incorrect _Mtx_internal_imp_size");
static_assert(alignof(_Mtx_internal_imp_t) <= _Mtx_internal_imp_alignment, "incorrect _Mtx_internal_imp_alignment");

这类代码改动较大，可能需要重新适配。

Describe the bug
编译时出现ucxxrt.lib(xthrow.obj) : error LNK2038: 检测到“RuntimeLibrary”的不匹配项: 值“MTd_StaticDebug”不匹配值“MT_StaticRelease”和ucxxrt.lib(throw_bad_alloc.obj) : error LNK2038: 检测到“RuntimeLibrary”的不匹配项: 值“MTd_StaticDebug”不匹配值“MT_StaticRelease”

To Reproduce
Steps to reproduce the behavior:
1.切换到Debug选项
2.编译

Expected behavior
出现LNK2038错误

Screenshots

Desktop (please complete the following information):

• OS: [Windows 10]
• Version [10.0.19044.1766]

Additional context

已启动生成...
1>------ 已启动生成: 项目: NtLoader, 配置: Debug x64 ------
1>
1>  **************************************************
1>  *         Universal C++ RunTime (UCXXRT)         *
1>  **************************************************
1>  
1>  UCXXRT Path      : C:\Users\cz251\source\repos\NtLoader\packages\ucxxrt.2.1.2\lib\native\
1>  Platform         : x64
1>  Configuration    : Debug
1>  Tools Version    : 14.32.31326
1>  Platform Version : 10.0.22621.0
1>  Kernel Mode      : true
1>Building 'NtLoader' with toolset 'WindowsKernelModeDriver10.0' and the 'Universal' target platform.
1>KLog.cpp
1>KMemory.cpp
1>Main.cpp
1>正在生成代码...
1>ucxxrt.lib(xthrow.obj) : error LNK2038: 检测到“RuntimeLibrary”的不匹配项: 值“MTd_StaticDebug”不匹配值“MT_StaticRelease”(Main.obj 中)
1>ucxxrt.lib(throw_bad_alloc.obj) : error LNK2038: 检测到“RuntimeLibrary”的不匹配项: 值“MTd_StaticDebug”不匹配值“MT_StaticRelease”(Main.obj 中)
1>C:\Users\cz251\source\repos\NtLoader\x64\Debug\NtLoader.sys : fatal error LNK1319: 检测到 2 个不匹配项
1>已完成生成项目“NtLoader.vcxproj”的操作 - 失败。
========== “生成”: 0 成功，1 失败，0 更新，0 已跳过 ==========

1>ucxxrt.lib(trnsctrl.obj) : error LNK2019: unresolved external symbol abort referenced in function _FindAndUnlinkFrame
1>ucxxrt.lib(frame.obj) : error LNK2001: unresolved external symbol abort

I followed the steps you provided to compile the lib and use it, but I cannot compile the test driver.

This is my project file, please help, thanks.

Link: https://x2295.lanzous.com/iLbSdfco28b

Note: project file contains my compiled ucxxrt.lib.

不好意思,没注意到新版本已经解决了.提issues重复了,请求关闭.

希望把crtsys项目中的功能添加到ucxxrt中
crtsys中实现了
wcout , cout , std::shared_mutex
std::future, std::promise, std::packaged_task
以及各种其他小功能

OS: Windows 10 Enterprise LTSC (Build 17763.1809)
IDE: Visual Studio 2019
WDK: WDK10 (10.0.22000.0)
Build mode: Kernel, Debug and Release x64
Details: 当编译带noexcept修饰的函数时, 提示找不到__C_specific_handler_noexcept
1>genericd.lib(nt_device.obj) : error LNK2001: 无法解析的外部符号 __C_specific_handler_noexcept

出错示例
class NtDevice
{
public:
NtDevice() noexcept = default;
NtDevice(const NtDevice& other) noexcept = delete;
NtDevice(NtDevice&& other) noexcept = delete;
NtDevice& operator=(const NtDevice& other) noexcept = delete;
NtDevice& operator=(NtDevice&& other) noexcept = delete;
virtual ~NtDevice() noexcept
{ destroy(); }

auto create() noexcept -> NTSTATUS;
void destroy() noexcept;

virtual auto name() const noexcept -> const char * = 0;

//
// Dispatch methods.
//

virtual auto on_create() noexcept -> NTSTATUS
{ return {}; }

virtual auto on_close() noexcept -> NTSTATUS
{ return {}; }

virtual auto on_read(void* buffer, size_t buffer_size, size_t& bytes_read) noexcept -> NTSTATUS
{ (void)(buffer); (void)(buffer_size); (void)(bytes_read); return {}; }

virtual auto on_write(void* buffer, size_t buffer_size, size_t& bytes_written) noexcept -> NTSTATUS
{ (void)(buffer); (void)(buffer_size); (void)(bytes_written); return {}; }

virtual auto on_ioctl(void* buffer, size_t buffer_size, uint32_t code) noexcept->NTSTATUS
{ (void)(buffer); (void)(buffer_size); (void)(code); return {}; }

static auto copy_from_user(void* buffer_to, const void* buffer_from, size_t length) noexcept -> NTSTATUS;
static auto copy_to_user(void* buffer_to, const void* buffer_from, size_t length) noexcept -> NTSTATUS;

private:
void* impl_ = nullptr;
};

void NtDevice::destroy() noexcept
{
PDEVICE_IMPL DeviceImpl = (PDEVICE_IMPL)(impl_);

if (!DeviceImpl)
{
return;
}

IoDeleteSymbolicLink(&DeviceImpl->DeviceLink);
IoDeleteDevice(DeviceImpl->DeviceObject);

impl_ = nullptr;
}

请问下,编译库的时候 可否选择 MT 或者 MTD运行库.
以及设置编译版本为 Win7 target platform = desktop
没编译过内核库, 虽然现在编译通过了.还是想问下作者你们是怎么设置的.

如下图:

微软定义
struct _timespec32
{
__time32_t tv_sec;
long tv_nsec;
};

struct _timespec64
{
__time64_t tv_sec;
long tv_nsec;
};

#ifndef _CRT_NO_TIME_T
struct timespec
{
time_t tv_sec; // Seconds - >= 0
long tv_nsec; // Nanoseconds - [0, 999999999]
};
#endif

Describe the bug

realloc的实现中，新的缓冲区大小可以小于原本的缓冲区大小。
krealloc借助了ExReallocatePoolWithTag来实现，此处的memmove可能会触发越界写。

extern"C" __declspec(noinline) void* __cdecl ExReallocatePoolWithTag(
    _In_ SIZE_T OldSize,
    _In_ SIZE_T NewSize,
    _In_ PVOID  OldBlock,
    _In_ __drv_strictTypeMatch(__drv_typeExpr) POOL_TYPE PoolType,
    _In_ ULONG Tag
)
{
    if (OldSize == 0)
    {
        return nullptr;
    }

    #pragma warning(suppress: 4996)
    void* const NewBlock = ExAllocatePoolWithTag(PoolType, NewSize, Tag);
    if (NewBlock)
    {
        memset (NewBlock, 0, NewSize);
        memmove(NewBlock, OldBlock, OldSize); // -> memmove(NewBlock, OldBlock, min(OldSize, NewSize));

        ExFreePoolWithTag(OldBlock, Tag);
        return NewBlock;
    }

    return nullptr;
}

To Reproduce
Expected behavior
Screenshots
Desktop (please complete the following information):
Additional context

之前编译3.3左右的时候提过这个问题。 但是那个时候编译成功了。 大佬也解答疑惑了。
原链接：#19
目前我在项目遇到了需要修改库的问题，所以需要自己重新编译一边。并且修改库的某些地方。
我是用的版本是 Vs2019(根据文档要求） WDK SDK版本 = 10.0.19041.0 C++ 语言开启了支持17
下面是报错。

编译的驱动XP无法运行直接蓝屏。

_Xtime_get_ticks 使用了KeQuerySystemTimePrecise
但是KeQuerySystemTimePrecise在win7上是未导出的, 这会导致驱动在win7上无法运行.

1.WDK版本使用的是 17763.1 vs2017
2.直接Git clone 最新的 ucxxrt
3.打开Vs进行编译. 编译的时候报 找不到 #include <veil/veil.h>
4.随后又找了大佬的另一个 veil项目.然后clone到 ucxxrt里面.
类似结构如下:
1.第一张图.

2.第二张图

5.进行编译,然后提示找不到.

期间设置过 编译的库 使用的sdk版本(与上面一致)
而后设置库 生成的 target version plateform = win7/desktop
SDL = 否
警告视为错误 = 否

1.clone the code
2.change ucxxrt.test from /EHa to /EHsc
3. build.

Then error occoured. like this:
C:\Program Files (x86)\Windows Kits\10\Include\10.0.22621.0\ucrt\corecrt_wstring.h(257,9): error C1001: inner error.

Env:
VS2022 17.8.3 & WDK 10.0.22621.2428

在vs2019中 构造函数和析构函数无效?是不支持吗

编译环境：
VS2022 17.8.3
SDK&WDK 10.0.22621.0

另外：
如果我的ucxxrt是在老版本编译的，譬如就是用的git上面的二进制，然后我自己的驱动用新的SDK和WDK编译，会有兼容问题吗？

OS: Windows 10 Enterprise LTSC (Build 17763.1809)
IDE: Visual Studio 2019
WDK: WDK10 (10.0.19041.0)
Build mode: Kernel, Release x86
Details: When I compile the driver with the already compiled ucxxrt.lib, the LNK2019 error is reported only when I set the compile mode to Release x86. And the project's UnitTest does not compile through in this mode either, with the same LNK2019 error.

有规划支持arm64平台吗？

I can correctly return GetExceptionCode, but calling GetExceptionInformation
C2707 '_exception_info': error context for internal function

首先知道问题的所在.
观看ucxxrt代码. 代码如下

需求:
1.首先我不在DriverMain中设置我自己的DriverUnload. 而是想在用户通过CTRL控制码来告诉我.这时候我在设置DriverUnload
但是观看上面代码得知. 当Invoke_main调用之后会保存我们设置的DriverUnload. 并且设置DriverUnload域为__scrt_common_exit.
此时如果我在 Ctrl回调函数中重新设置 DriverUnload域.就会把 __scrt_common_exit给替换掉. 此时如果驱动卸载的时候会直接运行我自己的DriverUnload. 但是就会触发问题. 首先我电脑开了Verifier验证工具. 会报告我的驱动有内存泄露问题. 而标记则是 ucrt. 所以肯定跟ucrt有关.
后面经过自己调试.发现必须设置为 __scrt_common_exit才可以. 里面会将全局变量 __drv_unload进行调用一次.也就是说 __scrt_common_exit 是对我们的DriverUnload的一层封装. 但是现在就有问题了. 除非我在CTRL 回调函数中手动修改 __drv_unload变量.
否则我要设置DriverUnload只能在 DriverMain中进行设置.

所以想问下 作者. 可否导出一个接口.实现这个需求. 而不直接动用 __drv_unload变量. 或者说可否导出一下 __drv_unload. 来实现自定义的卸载.

Installed the package with NuGet, tried doing a basic std::string print, and try/catch. I get unresolved symbol errors when I compile

Describe the bug
memory map driver cause BSOD.
Both KDMapper and KDU case BSOD

To Reproduce
Steps to reproduce the behavior:
test code:

#include <ucxxrt.h>

#define LOG(Format, ...) DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "[mytest] [" __FUNCTION__ ":%u]: " Format "\n", __LINE__, __VA_ARGS__)

extern"C"   DRIVER_INITIALIZE   DriverMain;

EXTERN_C NTSTATUS DriverMain(PDRIVER_OBJECT aDriverObject, PUNICODE_STRING /*aRegistry*/)
{
	UNREFERENCED_PARAMETER(aDriverObject);
        LOG("test load");
	return STATUS_SUCCESS;
}

1. use KDU or kdmapper to map the test driver.
   It will show "test load" then got BSOD without WinDbg analyze print

Expected behavior
I want to mmap the driver currently.

Screenshots
none.

Desktop (please complete the following information):

• OS: [Windows 10]
• Version 21H2(19044.2130)

Additional context
use Gs- instead of Gs.

• MiniDump [optional]
  uncatched
• WinDbg analyze print
  uncatched

在github所有的kernel stl项目中，ucxxrt是最方便使用的。项目利用属性表进行快速配置。
这让通过findwdk 使用cmake进行驱动开发无法使用这个ucxxrt.lib,不知道作者能否提供一个ucxxrt的cmake模块支持?

这能使得 rapidjson 在拥有ucxxrt时能在内核使用

Test$SEH failed.

Test$SEH

#include <ntifs.h>
#include <ucxxrt.h>
EXTERN_C ULONGLONG KeQueryInterruptTime();
EXTERN_C NTSTATUS DriverMain(PDRIVER_OBJECT aDriverObject, PUNICODE_STRING /aRegistry/)
{
aDriverObject->DriverUnload =
{

    return;
};
auto speed= KeQueryInterruptTime();
KdPrintEx((77, 0, "%llx \n", speed));
return STATUS_SUCCESS;

}

I use ucxxrt.test from ucxxrt.sln with VS2022 17.4.0 Preview 2.1

1>unittest.obj : error LNK2019: 无法解析的外部符号 __std_type_info_name，函数 "public: char const * __cdecl type_info::name(void)const " (?name@type_info@@QEBAPEBDXZ) 中引用了该符号
1>unittest.obj : error LNK2001: 无法解析的外部符号 "struct __type_info_node __type_info_root_node" (?__type_info_root_node@@3U__type_info_node@@A)

Rebuild started...
1>------ Rebuild All started: Project: Empty, Configuration: Debug x64 ------
1>
1> **************************************************
1> * Universal C++ RunTime (UCXXRT) *
1> **************************************************
1>
1> UCXXRT Path : D:\Documents\Desktop\Empty\packages\ucxxrt.3.0.5\lib\native
1> Platform : x64
1> Configuration : Debug
1> Tools Version : 14.34.31933
1> Platform Version : 10.0.22621.0
1> Kernel Mode : true
1>Building 'Empty' with toolset 'WindowsKernelModeDriver10.0' and the 'Desktop' target platform.
1>Source.cpp
1>Stdafx.cpp
1>Generating Code...
1>Source.obj : warning LNK4210: .CRT section exists; there may be unhandled static initializers or terminators
1>LINK : error LNK1218: warning treated as error; no output file generated
1>Done building project "Empty.vcxproj" -- FAILED.
========== Rebuild All: 0 succeeded, 1 failed, 0 skipped ==========
========== Elapsed 00:04.199 ==========

I propose to join forces. I also have an exception handler and support for CRT mechanisms in the kernel, CMake and some goodies - you can check in ReadMe
https://github.com/DymOK93/KTL/tree/feature_fmtlib

你好大佬,使用了我们的 ucxxrt 3.03版本.(Nuget) win732下(inter平台) 可以加载了. 但是win7 64不能加载.
win1064 32 都是可以用的. win8还没试. 还有能否兼容下AMD. 最近写的驱动要兼容常见平台 (AMD Inter) 现在inter 支持win7 32 win1032/64
如果大佬不方便的话,可否告知一下,改往哪方面学习. 我尝试着兼容下AMD. 如果实在不行.只能自己重写 std::string 和 vector了.
我希望咱们的开源库越来越壮大. 正好在做项目.所以使用了此库.如果大佬有心发展的话.我可以把遇到的问题提一下.这样能帮助我们更加完善这个项目.